I am running JupyterHub 0.8.2 on AWS EKS (managed kubernetes) cluster.
I specify an AWS load balancer in my helm config like so:
service:
annotations:
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: <<my_cert_arn>>
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "tcp"
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "1800"
This creates an ELB that points to jhub
I want to know if there is any way for me to configure ingress rules on the SG that is associated with this ELB? (It creates a SG implicitly, it seeems)
I need to restrict access to this ELB, based on SG rules. This causes problems when we iterate on the helm release. When the helm release is re-created, the ELB and SG are re-created, and the ingress rules are lost. The developer must remember to add them back each time.